Scanned pages/files
| Request | Server response | Status |
http://altoon-co.com/ | 200 OK Content-Length: 22167 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 style: hidden src: http://www.superfish.com/ws/userdata.jsp?dlsource=ecvzyna&userid=ntbcntbc&ver=13.1.1.99 <iframe src="http://www.superfish.com/ws/userdata.jsp?dlsource=ecvzyna&userid=ntbcntbc&ver=13.1.1.99" style="position: absolute; top: -100px; left: -100px; z-index: -10; border: none; visibility: hidden; width: 1px; height: 1px;"> Hidden iFrame found. size: 1x1 style: hidden src: http://www.superfish.com/ws/userdata.jsp?dlsource=ecvzyna&userid=ntbcntbc&ver=13.1.4.54 <iframe src="http://www.superfish.com/ws/userdata.jsp?dlsource=ecvzyna&userid=ntbcntbc&ver=13.1.4.54" style="position: absolute; top: -100px; left: -100px; z-index: -10; border: none; visibility: hidden; width: 1px; height: 1px;"> Hidden iFrame found. size: 1x1 style: hidden src: http://www.superfish.com/ws/userdata.jsp?dlsource=ecvzyna&userid=ntbcntbc&ver=13.1.4.52 <iframe src="http://www.superfish.com/ws/userdata.jsp?dlsource=ecvzyna&userid=ntbcntbc&ver=13.1.4.52" style="position: absolute; top: -100px; left: -100px; z-index: -10; border: none; visibility: hidden; width: 1px; height: 1px;"> Deface/Content modification. The following signature was found: Hacked by joker jr yemen <html __fvdsurfcanyoninserted="1"><head><title>Hacked by joker jr yemen</title><style>@font-face { font-family: 'Orbitron'; font-style: normal; font-weight: 700; src: local('Orbitron-Bold'), url(http://themes.googleusercontent.com/static/fonts/orbitron/v4/Y82YH_MJJWnsH2yUA5AuYYbN6UDyHWBl620a-IRfuBk.woff) format('woff');}</style><script src="https://www.superfish.com/ws/sf_main.jsp?dlsource=ecvzyna&userId=90C54031-A10B-49BD-BA55-0 ...[24467 bytes skipped]... | ||
https://www.superfish.com/ws/sf_main.jsp?dlsource=ecvzyna&userId=90C54031-A10B-49BD-BA55-029E585E7888&CTID=ecvzyna | 200 OK Content-Length: 10584 Content-Type: text/html | clean |
http://www.superfish.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 17 Jun 2014 15:29:12 GMT Pragma: no-cache Location: http://wwws.superfish.com/test404page.js Server: nginx Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT CF-Cache-Status: MISS CF-RAY: 13c04805f3f30651-SJC ClientCountry: LT Set-Cookie: __cfduid=dcc1b5ee64bcf74651c062d2ec2003a091403018952638; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.superfish.com; HttpOnly X-Pingback: http://wwws.superfish.com/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://wwws.superfish.com/test404page.js | 404 Not Found Content-Length: 27779 Content-Type: text/html | clean |
http://wwws.superfish.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93661 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.cycle.all.min.js?ver=3.5.1 | 200 OK Content-Length: 31614 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.flexslider.js?ver=1.0 | 200 OK Content-Length: 41062 Content-Type: application/x-javascript | clean |
http://www.superfish.com//www.googleadservices.com/pagead/conversion.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 17 Jun 2014 15:29:15 GMT Pragma: no-cache Location: http://wwws.superfish.com/www.googleadservices.com/pagead/conversion.js/ Server: nginx Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT CF-RAY: 13c04814c6230657-SJC ClientCountry: LT Set-Cookie: __cfduid=d8cc1e465bfcb6c8ec5767fa19d2a0d3b1403018955006; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.superfish.com; HttpOnly X-Pingback: http://wwws.superfish.com/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://wwws.superfish.com/www.googleadservices.com/pagead/conversion.js/ | 404 Not Found Content-Length: 27812 Content-Type: text/html | clean |
http://wwws.superfish.com//www.googleadservices.com/pagead/conversion.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 17 Jun 2014 15:29:16 GMT Pragma: no-cache Location: http://wwws.superfish.com/www.googleadservices.com/pagead/conversion.js/ Server: cloudflare-nginx Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT CF-RAY: 13c0481c7bca0893-FRA Set-Cookie: __cfduid=dc1715a928e0a9d7ccab448a79aa35db61403018956236; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.superfish.com; HttpOnly X-Pingback: http://wwws.superfish.com/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://wwws.superfish.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.36.0-2013.06.16 | 200 OK Content-Length: 14510 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.4.2 | 200 OK Content-Length: 7354 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.sticky.js?ver=1.0 | 200 OK Content-Length: 4627 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.smooth-scroll.js?ver=1.0 | 200 OK Content-Length: 1434 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/contact-form.js?ver=1.0 | 200 OK Content-Length: 1385 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.easing.1.3.js?ver=1.0 | 200 OK Content-Length: 8301 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.prettyPhoto.js?ver=1.0 | 200 OK Content-Length: 25298 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.inview.js?ver=1.0 | 200 OK Content-Length: 2097 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: altoon-co.com
Result:
HTTP/1.1 200 OK
Date: Tue, 17 Jun 2014 15:28:41 GMT
Accept-Ranges: bytes
ETag: "0115a3787cf1:0"
Server: Microsoft-IIS/7.5
Content-Length: 22167
Content-Type: text/html
Last-Modified: Fri, 13 Jun 2014 18:43:22 GMT
X-Powered-By: ASP.NET
...22167 bytes of data.
GET / HTTP/1.1
Host: altoon-co.com
Result:
HTTP/1.1 200 OK
Date: Tue, 17 Jun 2014 15:28:41 GMT
Accept-Ranges: bytes
ETag: "0115a3787cf1:0"
Server: Microsoft-IIS/7.5
Content-Length: 22167
Content-Type: text/html
Last-Modified: Fri, 13 Jun 2014 18:43:22 GMT
X-Powered-By: ASP.NET
...22167 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: altoon-co.com
Referer: http://www.google.com/search?q=altoon-co.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: altoon-co.com
Referer: http://www.google.com/search?q=altoon-co.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=altoon-co.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://altoon-co.com/
Result: altoon-co.com is not infected or malware details are not published yet.
Result: altoon-co.com is not infected or malware details are not published yet.